use of iso.std.iso_iec._24727.tech.schema.AccessRuleType in project open-ecard by ecsec.
the class CIFCreator method createRuleTrue.
/**
 * Builds an access rule for the given NamedDataService action, guarded by the security
 * condition returned from {@code createTrueCond()}.
 *
 * @param actionName the NamedDataService action the rule applies to
 * @return a new rule with service name, action and security condition set
 */
private AccessRuleType createRuleTrue(NamedDataServiceActionName actionName) {
    final AccessRuleType accessRule = new AccessRuleType();
    accessRule.setCardApplicationServiceName("NamedDataService");
    accessRule.setAction(createAction(actionName));
    // NOTE(review): createTrueCond() is defined elsewhere; presumably it yields an
    // always-satisfied condition, i.e. the action needs no prior authentication. Confirm.
    accessRule.setSecurityCondition(createTrueCond());
    return accessRule;
}
use of iso.std.iso_iec._24727.tech.schema.AccessRuleType in project open-ecard by ecsec.
the class CIFCreator method createRuleTrue.
/**
 * Builds an access rule for the given DifferentialIdentityService action, guarded by the
 * security condition returned from {@code createTrueCond()}.
 *
 * @param actionName the DifferentialIdentityService action the rule applies to
 * @return a new rule with service name, action and security condition set
 */
private AccessRuleType createRuleTrue(DifferentialIdentityServiceActionName actionName) {
    final AccessRuleType accessRule = new AccessRuleType();
    accessRule.setCardApplicationServiceName("DifferentialIdentityService");
    accessRule.setAction(createAction(actionName));
    // NOTE(review): createTrueCond() is defined elsewhere; presumably it yields an
    // always-satisfied condition, i.e. the action needs no prior authentication. Confirm.
    accessRule.setSecurityCondition(createTrueCond());
    return accessRule;
}
use of iso.std.iso_iec._24727.tech.schema.AccessRuleType in project open-ecard by ecsec.
the class CIFCreator method createPinDID.
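/**
 * Creates the DID info object describing the PinCompare DID of the token.
 *
 * <p>The DID gets the name {@code PIN_NAME}, global scope, a PinCompare marker and an ACL
 * whose rules are all built with {@code createRuleTrue}. If the middleware cannot supply the
 * token info, the marker is built without password attributes and a warning is logged.
 *
 * @return the populated DID info object
 * @throws WSMarshallerException declared by the original signature; presumably raised while
 *         building the marker (TODO confirm against PinMarkerBuilder)
 */
private DIDInfoType createPinDID() throws WSMarshallerException {
    LOG.debug("Creating PinCompare DID object.");
    DIDInfoType di = new DIDInfoType();

    // create differential identity
    DifferentialIdentityType did = new DifferentialIdentityType();
    di.setDifferentialIdentity(did);
    did.setDIDName(PIN_NAME);
    did.setDIDProtocol("urn:oid:1.3.162.15480.3.0.9");
    did.setDIDScope(DIDScopeType.GLOBAL);

    // create pin compare marker
    PinMarkerBuilder markerBuilder = new PinMarkerBuilder();
    KeyRefType kr = new KeyRefType();
    // value is irrelevant
    kr.setKeyRef(new byte[] { 0x01 });
    markerBuilder.setPinRef(kr);

    try {
        PasswordAttributesType pw = new PasswordAttributesType();
        MwToken tok = session.getSlot().getTokenInfo();
        long minPinLen = tok.getUlMinPinLen();
        // Fix: the maximum was previously read from getUlMinPinLen(), which advertised
        // max == min and so misreported the PIN length the token accepts.
        long maxPinLen = tok.getUlMaxPinLen();
        pw.setMinLength(BigInteger.valueOf(minPinLen));
        pw.setMaxLength(BigInteger.valueOf(maxPinLen));
        markerBuilder.setPwAttributes(pw);
    } catch (CryptokiException | NullPointerException ex) {
        // Best effort: continue without PIN length constraints, but keep the cause in the log
        // so a missing slot or token info can be diagnosed.
        LOG.warn("Unable to read min and max PIN length from middleware.", ex);
    }

    // wrap pin compare marker and add to parent
    PinCompareMarkerType marker = markerBuilder.build();
    DIDMarkerType markerWrapper = new DIDMarkerType();
    markerWrapper.setPinCompareMarker(marker);
    did.setDIDMarker(markerWrapper);

    // create acl
    // NOTE(review): every rule uses createRuleTrue, so listing, reading and authenticating
    // against this DID are presumably allowed without prior authentication. Confirm that
    // this is intended for all four actions.
    AccessControlListType acl = new AccessControlListType();
    di.setDIDACL(acl);
    List<AccessRuleType> rules = acl.getAccessRule();
    rules.add(createRuleTrue(AuthorizationServiceActionName.ACL_LIST));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_LIST));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_GET));
    rules.add(createRuleTrue(DifferentialIdentityServiceActionName.DID_AUTHENTICATE));

    return di;
}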
use of iso.std.iso_iec._24727.tech.schema.AccessRuleType in project open-ecard by ecsec.
the class CIFCreator method getCertificateDatasets.
/**
 * Creates one dataset description per certificate reported by the middleware session.
 *
 * <p>Each dataset is named after the certificate label, gets a placeholder path and an ACL
 * whose rules are all built with {@code createRuleTrue}.
 *
 * @return the dataset descriptions, in the order the session returned the certificates
 * @throws CryptokiException if the middleware fails while the certificates are queried
 */
private List<DataSetInfoType> getCertificateDatasets() throws CryptokiException {
    ArrayList<DataSetInfoType> result = new ArrayList<>();

    for (MwCertificate certificate : session.getCertificates()) {
        DataSetInfoType dataSet = new DataSetInfoType();
        dataSet.setDataSetName(certificate.getLabel());

        // The path content is a don't-care value; only its presence matters here.
        PathType dataSetPath = new PathType();
        dataSetPath.setEfIdOrPath(new byte[] { (byte) 0xFF });
        dataSet.setDataSetPath(dataSetPath);

        // NOTE(review): all rules come from createRuleTrue, so the certificate datasets are
        // presumably listable, selectable and readable without authentication. Confirm.
        AccessControlListType accessControl = new AccessControlListType();
        dataSet.setDataSetACL(accessControl);
        List<AccessRuleType> accessRules = accessControl.getAccessRule();
        accessRules.add(createRuleTrue(AuthorizationServiceActionName.ACL_LIST));
        accessRules.add(createRuleTrue(NamedDataServiceActionName.DSI_READ));
        accessRules.add(createRuleTrue(NamedDataServiceActionName.DSI_LIST));
        accessRules.add(createRuleTrue(NamedDataServiceActionName.DATA_SET_SELECT));

        result.add(dataSet);
    }

    return result;
}
use of iso.std.iso_iec._24727.tech.schema.AccessRuleType in project open-ecard by ecsec.
the class AccessRuleCreator method create.
/**
 * Assembles an access rule from the values configured on this creator.
 *
 * <p>The security condition carries the "always" and/or "never" value, depending on which of
 * the two fields is non-null. If neither is set, the rule gets an empty security condition.
 *
 * @return a new access rule with service name, action and security condition set
 */
public AccessRuleType create() {
    final AccessRuleType accessRule = new AccessRuleType();
    accessRule.setCardApplicationServiceName(serviceName);
    accessRule.setAction(actionNameType);

    // NOTE(review): nothing here prevents "always" and "never" from both being set on the
    // same condition; callers presumably configure only one of them. Confirm.
    final SecurityConditionType condition = new SecurityConditionType();
    if (null != securityConditionAlways) {
        condition.setAlways(securityConditionAlways);
    }
    if (null != securityConditionNever) {
        condition.setNever(securityConditionNever);
    }

    accessRule.setSecurityCondition(condition);
    return accessRule;
}